Spice Project CVE

Filtered by vendor Spice Project Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-0749	5 Debian, Microsoft, Opensuse and 2 more	12 Debian Linux, Windows, Leap and 9 more	2019-04-22	10.0 HIGH	9.8 CRITICAL
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

Vulnerabilities (CVE)